package com.financing.wap.web.controller;

import java.net.URLEncoder;
import java.util.Map;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.financing.wap.common.ResultMap;
import com.financing.wap.common.ResultMap.STATUS;
import com.financing.wap.common.Session;
import com.financing.wap.common.Views;
import com.financing.wap.dto.UserDTO;
import com.financing.wap.service.IUserService;
import com.financing.wap.util.Constants;
import com.financing.wap.util.SecureUtil;
import com.financing.wap.util.StringUtil;

@Controller
public class LoginController extends BaseController {
	
	@Autowired
	private IUserService userService;
	
	@RequestMapping(value="/login",method=RequestMethod.GET)
	public String login(HttpServletRequest request){
		return Views.LOGIN_PAGE;
	}
	
	@RequestMapping(value="/logout",method=RequestMethod.GET)
	public String logout(HttpServletRequest request){
		request.getSession().invalidate();
		return redirct("/login");
	}
	
	@RequestMapping(value="/login",method=RequestMethod.POST)
	@ResponseBody
	@SuppressWarnings(value="unchecked")
	public ResultMap login(UserDTO user,HttpServletRequest request , HttpServletResponse response){
		
		ResultMap result = new ResultMap();
		//对密码进行加密
		String password = user.getPassword();
		String securePassword = SecureUtil.MD5EncryptAndBase64(password);
		String pt = request.getParameter(Constants._PT);
		user.setPassword(securePassword);
		
		user = userService.getUserByUF(user);
		if(user != null){
			Session session = getSession(true);
			session.setLogin(true);
			session.setUser(user);
			
//			SessionUtil.setSession(session);
			setSession(session);
			
			String returnUrl = (String) session.getAttribute("returnUrl");
			Map<String, Object> parameterMap = (Map<String, Object>)session.getAttribute("returnParameterMap");
			String returnMethod = (String) session.getAttribute("returnMethod");
			
			result.setAttribute("returnUrl", returnUrl);
			result.setAttribute("params", parameterMap);
			result.setAttribute("method", returnMethod);
			
			if(StringUtil.isMobilePT(pt)){
				String token = user.getId();
				try {
					token = SecureUtil.encrypt(token).replaceAll("=", "");
					Cookie cookie = new Cookie(Constants._TOKEN, token);
					cookie.setMaxAge(60*60*24*15);
					cookie.setPath("/");
					response.addCookie(cookie);
				} catch (Exception e) {
					log.error("mobile pt create token error!",e);
				}
			}
			
			result.setStatus(STATUS.SUCCESS);
			result.setMessage("登陆成功！");
			return result;
		}else{
			result.setStatus(STATUS.FAILE);
			result.setMessage("用户名密码错误！");
			return result;
		}
	}
	
	@RequestMapping(value="/forget",method=RequestMethod.GET)
	public String forget(HttpServletRequest request){
		return getTplPath(request) + Views.FORGET_PAGE;
	}

}
